URLhaus Database

You are currently viewing the URLhaus database entry for http://198.23.213.57/Ohms.exe which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	847209
URL:	http://198.23.213.57/Ohms.exe
URL Status:	Offline
Host:	198.23.213.57
Date added:	2020-11-23 18:54:06 UTC
Last online:	2022-02-21 07:XX:XX UTC
Threat:	Malware download
Reporter:	abuse_ch
Abuse complaint sent (?):	Yes (2020-11-23 18:56:02 UTC to abuse{at}colocrossing[dot]com)
Takedown time:	1 year, 3 month, 4 days, 12 hours, 8 minutes (down since 2022-02-21 07:04:39 UTC)
Tags:	AgentTesla exe

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-02-17	n/a	exe	9a3790d836b29174fdb23a5b7612ddd03c510157b7a55712b00c424b669c24ac	n/a	AgentTesla
2022-02-16	n/a	exe	f65ba3376297474cfa75a6cd19cea2036f5735ed12fd7f5e4177024feeeeebd9	n/a	AgentTesla
2022-02-16	n/a	exe	cc7c664530f49ce71a529b43319933f778948f5cde08d8592e4259b8428a94cc	n/a	AgentTesla
2022-02-15	n/a	exe	257015ec9c05ee37bf2492c0d41884a8d70347f02664850a55c77379b5a12c07	n/a	AgentTesla
2022-02-15	n/a	exe	d4ac2f1250d555a2681739d862614fa1735e58f67ba94ec15e9fb4944d5a50d7	n/a	AgentTesla
2022-02-14	n/a	exe	5fd8ce1ead90e9ef50055ee61b68b5b94858f8ca2478c8e68bad04871e317b8f	n/a	AgentTesla
2022-02-14	n/a	exe	4ea4984ea96300ac77002b130bba2e22f4e2469dd9d3faf00eb269e2cad822c3	n/a	AgentTesla
2022-02-01	n/a	exe	4a61500118a047e49bdb3f82bef14a068737aea193830f4a8fd5b6ceb0ba5bb0	n/a	AgentTesla
2021-05-04	n/a	exe	8353e30c6566795da3e5aa38a22b4707ee895cfa115ffa399cfbe7d57d00f91d	n/a	AgentTesla
2021-05-04	n/a	exe	612d1888d98714893e69c4649a46a990c9c26367834d5be5afc05df15e913572	n/a	AgentTesla
2021-04-30	n/a	exe	e0835ed940bbcc9e1b6d0da706aab1029b489903ec75e0ab808e21ebe8c552ad	n/a	AgentTesla
2021-04-27	n/a	exe	8aabfb2b5aeee025f4a6d963c8761011efb74797e37ee89fd37ae5c23f7f2945	n/a	AgentTesla
2021-04-26	n/a	exe	ec265177529ab61116c59e3361436b6c4f9e48bbef4488d2d3a97ebdb2f9837a	n/a	AgentTesla
2021-04-22	n/a	exe	679ebf79dd090c45ab0777aea92e3f2dc6b8199eb8cd17fb7ca50e6239ccb62e	n/a	AgentTesla
2021-04-22	n/a	exe	9fadae8c6a192536c41677546bc32e530d38084906e8be610573538f0955c49d	24.64%	AgentTesla
2020-11-23	n/a	exe	b49c6a2d089b5b8e50c79894e0ab216c3bad852e66af30ed4764fd79d69251a6	14.29%	AgentTesla